Thanks for the reply.
I tried to deploy McAfee ESM as per the given system requirements but am getting an error.
That is: "Could not format /dev/sda1/ ext3."
Please check the image.
Actually, I am getting a VM from McAfee that contains an .iso file, which I tried to deploy on an ESXi VM.
Okay, I will try to resolve the issue.
If you get something related to this, please revert to me.
When you want to deploy SIEM in a virtual environment, you should rather use the OVF template from the McAfee Download Portal. The ISO is prepared for appliance versions, so you can have trouble using it on a virtual machine.
The Installation Guide document (available for download to McAfee customers) is your primary tool for making an engagement as efficient and simple as possible; the “esm_940_ig_0-00_en-us” document. You’ll want to highlight the sections so you can have them on hand for the physical device configuration steps.
Start with Page 11 "Connect and start the devices"
Then on Page 19, "Configure the network interface", configure your primary SIEM devices.
This should complete your physical setup and initial device terminal configurations.
This is a literal step-by-step guide for physical setup to device configuration settings. If you have any questions please feel free to message me and I'll help if possible; I've done countless installs, configurations, and development for numerous environments.
Thanks all for the information ... basically someone told me this book
is best to start with SIEM, so looking forward to this ... some PDF or link to download.
I’ve been following this community for a bit but I have never been active. I saw this thread and felt compelled to reply.
Unfortunately, there is only one book on SIEM and it was already mentioned. This book is "Security Information and Event Management (SIEM) Implementation." In my opinion, the book is horrible and my recommendation would be to skip it to save yourself the money and time. The book doesn’t even touch on SIEM management or use cases in detail. Outside of the previous suggestions related to McAfee SIEM, the link below outlines the best material I have found concerning SIEM implementation and management.
The Securosis series provides a nice overview, Anton Chuvakin's (a Gartner analyst) articles address planning projects and managing SIEM, and the SANS presentation slide deck is really good about building a SOC.
Can you please go through the link? There is an installation guide for McAfee SIEM; check page number 10 in it.
It has a description of the minimum hardware and software requirements.
Please check and revert on why there is a difference between the two different environments.